Difference between revisions of "Ldap-example3"
From OpenKM Documentation
(Created page with '== Configuration parameters == <source lang="java"> principal.adapter=com.openkm.principal.LdapPrincipalAdapter system.login.lowercase=true principal.ldap.referral= principa…') |
|||
Line 35: | Line 35: | ||
== OpenKM.xml == | == OpenKM.xml == | ||
+ | <source lang="xml"> | ||
+ | <?xml version="1.0" encoding="UTF-8"?> | ||
+ | <beans:beans xmlns:beans="http://www.springframework.org/schema/beans" | ||
+ | xmlns:security="http://www.springframework.org/schema/security" | ||
+ | xmlns:task="http://www.springframework.org/schema/task" | ||
+ | xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
+ | xsi:schemaLocation="http://www.springframework.org/schema/beans | ||
+ | http://www.springframework.org/schema/beans/spring-beans-3.1.xsd | ||
+ | http://www.springframework.org/schema/security | ||
+ | http://www.springframework.org/schema/security/spring-security-3.1.xsd | ||
+ | http://www.springframework.org/schema/task | ||
+ | http://www.springframework.org/schema/task/spring-task-3.1.xsd"> | ||
+ | <security:authentication-manager alias="authenticationManager"> | ||
+ | <security:authentication-provider ref="ldapAuthProvider" /> | ||
+ | </security:authentication-manager> | ||
+ | <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> | ||
+ | <beans:constructor-arg value="ldap://192.168.xxx.xxx"/> | ||
+ | <beans:property name="userDn" value="CN=connect,OU=OpenKM,DC=company,DC=com"/> | ||
+ | <beans:property name="password" value="****"/> | ||
+ | </beans:bean> | ||
+ | |||
+ | <beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"> | ||
+ | <beans:constructor-arg> | ||
+ | <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator"> | ||
+ | <beans:constructor-arg ref="contextSource"/> | ||
+ | <beans:property name="userSearch" ref="userSearch"/> | ||
+ | </beans:bean> | ||
+ | </beans:constructor-arg> | ||
+ | <beans:constructor-arg> | ||
+ | <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator"> | ||
+ | <beans:constructor-arg ref="contextSource"/> | ||
+ | <beans:constructor-arg value="DC=company,DC=com"/> | ||
+ | <beans:property name="groupSearchFilter" value="member={0}"/> | ||
+ | <beans:property name="groupRoleAttribute" value="cn"/> | ||
+ | <beans:property name="searchSubtree" value="true" /> | ||
+ | <beans:property name="convertToUpperCase" value="false" /> | ||
+ | <beans:property name="rolePrefix" value="" /> | ||
+ | </beans:bean> | ||
+ | </beans:constructor-arg> | ||
+ | </beans:bean> | ||
+ | |||
+ | <beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> | ||
+ | <beans:constructor-arg index="0" value="DC=company,DC=com" /> | ||
+ | <beans:constructor-arg index="1" value="(&(sAMAccountName={0})(|(memberOf=CN=ROLE_ADMIN,OU=OpenKM,DC=company,DC=com)(memberOf=CN=ROLE_USER,OU=OpenKM,DC=company,DC=com)))" /> | ||
+ | <beans:constructor-arg index="2" ref="contextSource" /> | ||
+ | <beans:property name="searchSubtree" value="true" /> | ||
+ | </beans:bean> | ||
+ | </source> | ||
[[Category: Installation Guide]] | [[Category: Installation Guide]] |
Revision as of 20:48, 16 February 2013
Configuration parameters
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
system.login.lowercase=true
principal.ldap.referral=
principal.ldap.server=ldap://192.168.xxx.xxx:389
principal.ldap.security.principal=CN=Administrator,OU=OpenKM,DC=company,DC=com
principal.ldap.security.credentials=xxxxxx
principal.ldap.mail.attribute=userPrincipalName
principal.ldap.mail.search.base=DC=company,DC=com
principal.ldap.mail.search.filter=(sAMAccountName={0})
principal.ldap.role.attribute=cn
principal.ldap.role.search.base=OU=OpenKM,DC=company,DC=com
principal.ldap.role.search.filter=objectclass=group
principal.ldap.roles.by.user.attribute=memberOf
principal.ldap.roles.by.user.search.base=DC=company,DC=com
principal.ldap.roles.by.user.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.user.attribute=sAMAccountName
principal.ldap.user.search.base=DC=company,DC=com
principal.ldap.user.search.filter=(&(objectclass=user)(|(memberOf=CN=ROLE_ADMIN,OU=OpenKM,DC=company,DC=com)(memberOf=CN=ROLE_USER,OU=OpenKM,DC=company,DC=com)))
principal.ldap.username.attribute=cn
principal.ldap.username.search.base=DC=company,DC=com
principal.ldap.username.search.filter=(sAMAccountName={0})
principal.ldap.users.by.role.attribute=member
principal.ldap.users.by.role.search.base=OU=OpenKM,DC=company,DC=com
principal.ldap.users.by.role.search.filter=(&(objectClass=group)(cn={0}))
OpenKM.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:task="http://www.springframework.org/schema/task"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task-3.1.xsd">
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
<beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
<beans:constructor-arg value="ldap://192.168.xxx.xxx"/>
<beans:property name="userDn" value="CN=connect,OU=OpenKM,DC=company,DC=com"/>
<beans:property name="password" value="****"/>
</beans:bean>
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
<beans:constructor-arg>
<beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
<beans:constructor-arg ref="contextSource"/>
<beans:property name="userSearch" ref="userSearch"/>
</beans:bean>
</beans:constructor-arg>
<beans:constructor-arg>
<beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
<beans:constructor-arg ref="contextSource"/>
<beans:constructor-arg value="DC=company,DC=com"/>
<beans:property name="groupSearchFilter" value="member={0}"/>
<beans:property name="groupRoleAttribute" value="cn"/>
<beans:property name="searchSubtree" value="true" />
<beans:property name="convertToUpperCase" value="false" />
<beans:property name="rolePrefix" value="" />
</beans:bean>
</beans:constructor-arg>
</beans:bean>
<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
<beans:constructor-arg index="0" value="DC=company,DC=com" />
<beans:constructor-arg index="1" value="(&(sAMAccountName={0})(|(memberOf=CN=ROLE_ADMIN,OU=OpenKM,DC=company,DC=com)(memberOf=CN=ROLE_USER,OU=OpenKM,DC=company,DC=com)))" />
<beans:constructor-arg index="2" ref="contextSource" />
<beans:property name="searchSubtree" value="true" />
</beans:bean>